Static task
static1
Behavioral task
behavioral1
Sample
f23944ea67055bcf3fec07b05cd40c63a00f70fd0cec319a7052129aa3ebf4d3.exe
Resource
win7-20240704-en
General
-
Target
e778f61c9564e8c38dab781760f887db.zip
-
Size
2.5MB
-
MD5
829b0b8dcdfb4a078853e1353753f570
-
SHA1
563f8227516c76c2c644a19c8e09201772df8a89
-
SHA256
68a722859a83b7c222f6f36707657fad914c7b97437f3b73f76cdc4f7b5dc55f
-
SHA512
75a3f010a8b78801ca4f5daf03e5ba9fd575453d403c260dd1bdb4e9e5f226e7ebec3fbc14c5a8e303701aa975ee6e85ea614900f2d475cf4379f2f4f066befc
-
SSDEEP
49152:A7mNqkddkTv5B/guFWcRs9l5YYHwQr3VSyXJZSSZZlkEMfPn9N6LVQbAx:A78qkddmwYMr0yXJgSzOEsn9Nfby
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/f23944ea67055bcf3fec07b05cd40c63a00f70fd0cec319a7052129aa3ebf4d3
Files
-
e778f61c9564e8c38dab781760f887db.zip.zip
Password: infected
-
f23944ea67055bcf3fec07b05cd40c63a00f70fd0cec319a7052129aa3ebf4d3.exe windows:4 windows x86 arch:x86
Password: infected
baa93d47220682c04d92f7797d9224ce
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
comctl32
InitCommonControls
Sections
Size: 893KB - Virtual size: 2.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 13KB - Virtual size: 163KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
mcnlladt Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ydbsuiri Size: 512B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE